<?
##########################################################################
#		DOCUMENTATION
##########################################################################
# Main class to access the database. It's a little wrapper to make things
# easier and to avoid direct access to the pdo object outside this class.
#
# © LiberLab group, 2011
##########################################################################
	
# avoid to extend the database class. It must be used, not extended. 
#That's the reason why there's the final	

final class Database {
	private $dbHostname; private $dbUsername; private $dbPassword; private $dbName;
	private $pdo;
	public function __construct() {
		require_once("config/config.php");
		# doing it as for messages doesn't work, with no reason (because previously it worked just fine).
		# so: refactoring, this will complex things only a bit.
		$var = new config(); $conf = $var->conf;
		require_once("generalFunctions.php");
		
		$this->dbHostname = $conf["dbHostname"]; 
		$this->dbUsername = $conf["dbUsername"]; 
		$this->dbPassword = $conf["dbPassword"]; 
		$this->dbName = $conf["dbName"];
		$charset = $conf["charset"];
		if ($charset == ""){
			$charset = "utf8";
		}
		
		try {
			# for future addings
			if ($conf["dbType"] == "mysql"){
				$pdo = new PDO("mysql:host=" . $this->dbHostname . ";dbname=" . $this->dbName, $this->dbUsername, $this->dbPassword);
				$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
				$pdo->query("SET NAMES $charset");
				$this->pdo = $pdo;
			}
		}
		catch (PDOException $e) {
			echo "Error!: " . $e->getMessage() . "<br />";
			die();
		}; 
		if(count($this->pdo->errorInfo()) > 1) {
			$errorinfo = $pdo->errorInfo();
			echo $errorinfo[2]; // string with the error
		}		
	}
	# direct query
	public function query($queryString){
		$pdo = $this->pdo;
		return $pdo->query($queryString);
	}
	# prepared query
	public function getStpdo($queryString){
		$pdo = $this->pdo;
		$stpdo = $pdo->prepare($queryString);
		return $stpdo;
	}	
	# get the rows of a query
	public function getRows($stpdo){
		return (string) $stpdo->rowCount();
	}
	# get the columns of a query
	public function getCols($stpdo){
		return (string) $stpdo->columnCount();
	}
	# exec the query in safety
	public function execSecure($queryString, $arrayParameters){
		$pdo = $this->pdo;
		# replace every null parameter into the right "null" SQL value in the query
		foreach($arrayParameters as $key => $value){
			if ($value == NULL){
				$queryString = str_replace($key, "NULL", $queryString);
				unset($arrayParameters[$key]);
			}
		}
		$stpdo = $pdo->prepare($queryString);
		return $stpdo->execute($arrayParameters);
	}
	# functions for transactions
	public function beginTransaction(){
		$pdo = $this->pdo;
		return $pdo->beginTransaction(); 
	}
	public function commit(){
		$pdo = $this->pdo;
		return $pdo->commit(); 
	}
	public function rollBack(){
		$pdo = $this->pdo;
		return $pdo->rollBack(); 
	}	
	
	private function singleSanitaze($input){
		if (stristr($input, " ")){
			return false;
		}
		return true;	
	}
	public function sanitize($input){
		# sanitaze the input when we can't use a prepared-statement
		if (is_array($input)){
			# it does an "AND" of all the input given
			foreach($input as $singleInput){
				if (!$this->singleSanitaze($singleInput)){
					return false;
				}
			}
			return true;
		}
		return $this->singleSanitaze($input);
	}
	
	public function __destruct() {
		unset($this->pdo);
	}
};

?>
